Menu
▾
▴
Re: [Openvpn-users] TCP/UDP: Incoming packet rejected from xxx.xx.xx.xx:37097[2], expected peer address
|
From: siegfried <sie...@he...> - 2008-02-27 16:50:40
|
Thank you Prasanna. I'm sorry I posted twice, that was not intentional. >> >> I have an openvpn server that has been working for years in bridging >> mode at xxx.xxx.xxx.xxx and is currently working from address zzz.zzz.zzz.zzz. >> However, an old key that was working from another address is not >> working from yyy.yy.yy.yy as indicated by the error messages below. I >> have searched the archives and searched with google. I tried searching >> http://sourceforge.net/search/?group_id=48978&type_of_search=docs but >> no luck there either. >If your new server is multihomed, then you could have this problem. > > >You will need to upgrade the server to 2.1rc and add "multihome" to >the server conf. I wonder if this is going to be a problem for me since I (and my two VPN clients "alpha" and "beta") are in WA and my bridging server is in CO. My bridging server is a WRT54GS. Fortunately I left the ssh port open so I can access it without the VPN (I hope). Assuming it is a problem: Can client "alpha" become VPN bridging server for "beta" (both in WA) where "alpha" is simultaneously a bridging client to my WRT54Gs server in CO? >Basically, the replies are supposed to go out of the >xxx.xxx.xxx.xxx interface but are going out of the yyy.yy.yy.yy >interface. > > >Prasanna. > >> >> >> >> Can someone help me resolve this error message so I can make a connection? >> It looks like I have to edit some config file so it should not be a >> big deal but I'm not sure exactly where I would add the -float or-remote. >> >> >> >> Thanks, >> >> Siegfried >> >> >> >> >> >> >> >> Mon Feb 18 17:35:25 2008 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built >> on Oct >> 1 2006 >> >> Mon Feb 18 17:35:25 2008 IMPORTANT: OpenVPN's default port number is >> now 1194, based on an official port number assignment by IANA. >> OpenVPN >> 2.0-beta16 and earlier used 5000 as the default port. >> >> Mon Feb 18 17:35:25 2008 WARNING: No server certificate verification >> method has been enabled. See http://openvpn.net/howto.html#mitm for more info. >> >> Mon Feb 18 17:35:25 2008 LZO compression initialized >> >> Mon Feb 18 17:35:25 2008 Control Channel MTU parms [ L:1574 D:138 >> EF:38 EB:0 ET:0 EL:0 ] >> >> Mon Feb 18 17:35:25 2008 Data Channel MTU parms [ L:1574 D:1450 EF:42 >> EB:135 >> ET:32 EL:0 AF:3/1 ] >> >> Mon Feb 18 17:35:25 2008 Local Options hash (VER=V4): 'd79ca330' >> >> Mon Feb 18 17:35:25 2008 Expected Remote Options hash (VER=V4): 'f7df56b8' >> >> Mon Feb 18 17:35:25 2008 UDPv4 link local: [undef] >> >> Mon Feb 18 17:35:25 2008 UDPv4 link remote: xxx.xx.xxx.xxx:1194 >> >> Mon Feb 18 17:35:25 2008 TCP/UDP: Incoming packet rejected from >> yyy.yy.yy.yy:37097[2], expected peer address: xxx.xx.xxx.xxx:1194 >> (allow this incoming source address/port by removing --remote or >> adding --float) >> >> Mon Feb 18 17:35:27 2008 TCP/UDP: Incoming packet rejected from >> yyy.yy.yy.yy:37097[2], expected peer address: xxx.xx.xxx.xxx:1194 >> (allow this incoming source address/port by removing --remote or >> adding --float) >> >> Mon Feb 18 17:35:29 2008 TCP/UDP: Incoming packet rejected from >> yyy.yy.yy.yy:37097[2], expected peer address: xxx.xx.xxx.xxx:1194 >> (allow this incoming source address/port by removing --remote or >> adding --float) >> >> Mon Feb 18 17:35:29 2008 TCP/UDP: Incoming packet rejected from >> yyy.yy.yy.yy:37097[2], expected peer address: xxx.xx.xxx.xxx:1194 >> (allow this incoming source address/port by removing --remote or >> adding --float) >> >> Mon Feb 18 17:35:31 2008 TCP/UDP: Incoming packet rejected from >> yyy.yy.yy.yy:37097[2], expected peer address: xxx.xx.xxx.xxx:1194 >> (allow this incoming source address/port by removing --remote or >> adding --float) >> >> >> >> >> ---------------------------------------------------------------------- >> --- This SF.net email is sponsored by: Microsoft Defy all >> challenges. Microsoft(R) Visual Studio 2008. >> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ >> _______________________________________________ >> Openvpn-users mailing list >> Ope...@li... >> https://lists.sourceforge.net/lists/listinfo/openvpn-users >> >> > > > >-- >www.elinanetworks.com >Seamless, secure delivery of applications. |
